Description:
You will be joining an established security team which already has a high capability. The organisation is ISO27001 2022 compliant too. This role will be pivotal in not only maintaining this compliance but ensuring that the business is prepared for the evolving cyber threats it faces and addressing risks in an appropriate manner. This is a fun, fast paced organisation with a nice flat structure. The right person for this team will be able to work well in such an organisation, and be inquisitive and self motivated.
Roles and Responsibilities
- Manage and enhance the ISO 27001 Information Security Management System (ISMS) and any future frameworks.
- Provide guidance, recommendations, and support to internal and external stakeholders on security and privacy initiatives, including regulatory compliance and vendor security assessments.
- Develop and implement policies and procedures to strengthen information security and privacy efforts.
- Contribute to various information IR/security-related projects as the GRC SME as required
- Conduct ongoing risk monitoring, including facilitating regular risk workshops across the business and designing risk treatment plans.
- Coordinate and respond to internal and external audit inspections, security assessments, and inquiries, ensuring continued ISO 27001 compliance.
Qualifications, Knowledge, Skills, and Experience
- Hands-on experience in implementing and managing an ISO 27001 ISMS.
- Demonstrated expertise in a senior information security or risk and compliance role.
- At least five years of experience in risk, compliance, or information security-related fields.
- Strong understanding of various technologies, including infrastructure and software development practices.
- Comprehensive knowledge of information security methodologies, tools, controls, policies, and frameworks.
To learn more about this role please apply online or reach out to chris.dalziel@hudson.com. No visa sponsorship is available for this position unfortunately.